v0.1 — review pending

Data Processing Agreement

Last updated: 2026-05-07

1. Roles

For the purposes of LGPD and GDPR, the Customer is the Controller (or the controller's processor) of personal data routed through rendfly, and rendfly (DFMENDES TECNOLOGIA LTDA) is the Processor. This DPA forms part of the Terms of Service.

2. Subject matter and duration

The Processor processes personal data only to deliver the Service to the Customer. Processing begins when the Customer first routes traffic through rendfly and continues until the Customer's account is closed and the retention window in the Privacy Policy has elapsed.

3. Categories of data and data subjects

  • End-user PII inside conversations — names, contact details, identifiers, free text. Automatically redacted before storage where detected.
  • System messages — Customer intellectual property describing agent behavior; treated as confidential.
  • Provider API keys — encrypted at rest with AES-256-GCM, accessible only to the request path that calls the provider on the Customer's behalf.

Data subjects are the Customer's end users (whoever interacts with the Customer's AI agent), Customer staff with workspace access, and the operators of any external systems referenced by the agent.

4. Security measures

  • TLS 1.3 in transit; AES-256-GCM at rest for sensitive columns.
  • PostgreSQL row-level security scoped to workspace_id; least-privilege service accounts.
  • Argon2id for password hashing; short-lived (15 min) JWT plus refresh tokens; HttpOnly + SameSite=Lax cookies.
  • PII redaction before storage; rate limiting per workspace; immutable audit log of sensitive accesses.
  • Dependency and secrets scanning in CI (govulncheck, gitleaks).
  • Defense in depth, fail-closed on uncertainty, secure defaults (2FA, redaction on by default).

5. Sub-processors

The Processor uses the following sub-processors. Material changes are announced by email at least 30 days in advance; the Customer may object and terminate without penalty.

  • Hosting and database: [provider/region — TBD with infra finalization]
  • Transactional email: Sendkit
  • Authentication: SuperTokens (self-hosted, planned)
  • LLM provider for evaluation judges: Customer-selected; the Customer's provider credentials are used.

6. Customer rights

On request, the Processor will provide reasonable assistance with data subject requests, breach notifications, and Data Protection Impact Assessments. Requests should be sent to privacy@rendfly.com.